Snort mailing list archives

Previous By Date Next
Previous By Thread Next

Need help !!! Dynamic concatenation of IP/ MAC address for arpspoof

From: "Mohamed Makthum" <makthum () gmail com>
Date: Thu, 18 Apr 2013 18:57:48 -0700
Hello everyone,

                                 I am a graduate student and I am quite
interested in IDS system. I want to do my Masters project on IDS. After
considerable amount of googling and study I learned about snort and it
working mechanism. Currently for arpspoof preprocessor we have to provide
the static IP/Mac address mapping for it work . I was thinking of
implementation(script) where IP / Mac address table can be retrieved and
updated in snort.conf. 

 

My questions 

 

1)      Is there such an implementation or script available today ?

 

2)      If not is such an implementation even possible to retrieve the ip /
Mac mapping from DHCP server ?

 

3)      If implemented will it be useful ?

 

I need help and suggestion from all you guyz and sorry if you find these
novice question.

 

I am just a beginner and but I like to learn . Thanks for your time and
replies. 

 

Regards,

Makthum


------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Snort-devel mailing list
Snort-devel () lists sourceforge net
https://lists.sourceforge.net/lists/listinfo/snort-devel
Archive:
http://sourceforge.net/mailarchive/forum.php?forum_name=snort-devel

Please visit http://blog.snort.org for the latest news about Snort!
Previous By Date Next
Previous By Thread Next

Current thread: